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(54) Revocation information updating method, revocation information updating apparatus and 
storage medium 



(57) A storage medium (PM) 1 3 includes a controller 
130 and two types of storage regions, the concealed re- 
gion 1 34 and the open region 1 31 . The open region 1 31 
includes an open RW 133 storing a digital content, an 
open ROM-W region 132a storing, as revocation infor- 
mation, identification information of an electronic appli- 
ance that is prohibited from accessing the digital con- 



tent, and an open ROM region 132 storing, as master 
revocation information, identification information of an 
electronic appliance that is prohibited from updating the 
revocation information. When the storage medium is 
loaded into an electronic appliance that has identifica- 
tion information which is registered in the open ROM re- 
gion 132, the controller 130 prohibits the electronic ap- 
pliance from updating the revocation information. 
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Description 

BACKGROUND OF THE INVENTION 

1 . Field of the Invention 

[0001] The present invention relates to a storage me- 
dium used to store digital contents, such as programs 
and digitized text, audio and video, and to a method for 
updating revocation information that is used to prevent 
unauthorized electronic appliances from recording and 
reproducing digital contents. 

2. Description of the Related Art 

[0002] The advancements in digital and microproces- 
sor technologies in recent years have enabled the de- 
velopment of a great variety of electronic appliances. 
Examples of such are personal computers with multime- 
dia capabilities, set-top boxes, reproduction devices 
and game consoles. In addition to reproducing image 
data, audio data and other types of digital contents from 
recording media, such appliances can also download 
digital contents from networks like the Internet. 
[0003] Digital contents are generally copyrighted ma- 
terial that has been digitally encoded according to a 
technique such as MPEG 2 (Moving Pictures Experts 
Group 2) or MP3 (Moving Pictures Experts Group - Au- 
dio Layer 3) . Such contents can be copied and transmit- 
ted on networks with no loss in quality. This means there 
is a growing need fortechnologies to stop improper acts 
that violate the copyrights over such material. 
[0004] Current electronic appliances such as person- 
al computers, set-top boxes, and reproduction devices 
tend to use "reversible" recording media, which here re- 
fers to recording media that are not player-dependent. 
Such media operate according to specifications that are 
usually made public. This makes it possible for users to 
transfer or copy digital contents onto other media at will, 
so that there is no effective way of protecting a digital 
content recorded on a recording medium. 
[0005] Memory cards, where a recording medium and 
a controller are integrated : have recently appeared on 
the market. Such cards can be provided with a protected 
region (hereinafter called a "concealed region") that can 
be accessed by an access control function of the con- 
troller according to a special procedure, but otherwise 
cannot be accessed by users. It is believed that digital 
contents can be protected more securely by using a con- 
cealed region to store important information (such as 
copy control information and transfer control informa- 
tion) that relates to the way in which digital contents can 
be used. 

[0006] The following describes one conceivable way 
to protect the copyright of a digital content. Whenever a 
digital content is transferred between any of the elec- 
tronic devices mentioned above and a recording medi- 
um, both devices first perform mutual authentication. 
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This means that each device checks that the other is an 
authentic device equipped with the same copyright 
(content) protection mechanism (i.e., a predetermined 
content protection function). When both devices are au- 

5 thentic, they then exchange keys according to a key 
generation algorithm provided in both devices. Both de- 
vices thus obtain an authentication key, and use this key 
to respectively encrypt and decrypt either a content key 
(a different key used to encrypt the digital content), or 

10 the digital content itself. 

[0007] The above technique has the following prob- 
lem. The content protection mechanism (such as the in- 
formation and/ or program used for mutual authentica- 
tion) has to be set in the electronic appliance before it 

is is shipped from the factory. After purchase, the electron- 
ic appliance (or more specifically the programs that run 
on an electronic appliance) may be subjected to tam- 
pering which renders the content protection mechanism 
inoperative. Such a modified electronic appliance can- 

?o not be detected and stopped by mutual authentication 
alone, so that improper use of the contents becomes 
possible. 

[0008] Digital contents could conceivably be afforded 
better protection by pre-recording revocation informa- 

?5 tion in a special region on a recording medium. Revo- 
cation information shows invalid electronic appliances 
that should be prohibited from accessing contents 
stored on a recording medium. Such revocation infor- 
mation can be in the form of a list of identification infor- 

w> mation for such invalid electronic appliances. When the 
recording medium is loaded into an electronic appliance 
registered in the revocation information, the electronic 
appliance is prohibited from accessing the recording 
medium. In other words, the contents on the recording 

5 medium are protected by invalidating the electronic ap- 
pliance's right to access the recording medium. 
[0009] This method has a drawback in that it is still 
necessary to set such revocation information in a non- 
rewritable region before the recording medium is 

o shipped from the factory. This means that if tampering 
with electronic appliances (or programs of such appli- 
ances) results in the appearance of new types of invalid 
electronic appliances after a recording medium has 
been produced, such appliances cannot be added to the 

5 revocation information on the medium. Illegal access by 
such appliances cannot be prevented. 

SUMMARY OF THE INVENTION 

3 [0010] The present invention was conceived in view 
of the above problem, and has an object of providing a 
storage medium that can refer to revocation information 
and prohibit access to a content by an unauthorized 
electronic appliance, even when the unauthorized elec- 

> tronic appliance appears after the storage medium has 
been manufactured. The invention also aims to provide 
a suitable revocation information updating apparatus 
and method for such medium. 
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[001 1 ] The stated object can be achieved by a storage 
medium that is used having been loaded into an elec- 
tronic appliance, the storage medium including: a con- 
tent storage area for storing a digital content; a revoca- 
tion information storage area for storing, as revocation 
information, information that corresponds to identifica- 
tion information of an electronic appliance that is prohib- 
ited from accessing the digital content stored in the con- 
tent storage area; and a master revocation information 
storage area storing, as master revocation information, 
information that corresponds to identification informa- 
tion of an electronic appliance that is prohibited from up- 
dating the revocation information stored in the revoca- 
tion information storage area. 

[0012] With the stated construction, information cor- 
responding to the identification information of unauthor- 
ized electronic appliances that should not be allowed to 
update the revocation information can be registered in 
advance in the master revocation information storage 
area of the storage medium. By referring to this infor- 
mation, the storage medium can know whether an elec- 
tronic appliance that is trying to access the revocation 
information is an authorized appliance or an unauthor- 
ized appliance. 

[0013] The revocation information is stored in a se- 
cure rewritable storage region, so that even when an 
unauthorized electronic appliance appears after the 
storage medium is manufactured, information corre- 
sponding to the identification information of the electron- 
ic appliance can be additionally registered in the revo- 
cation information storage region. In this way, the unau- 
thorized electronic appliance can be prevented from ac- 
cessing digital productions stored on the storage medi- 
um. 

[001 4] Here, the storage medium may further include: 
a content protecting unit for performing a first judgment 
as to whether an electronic appliance into which the 
storage medium has been loaded has identification in- 
formation that corresponds to the revocation information 
stored in the revocation information storage region, and 
allowing the electronic appliance to access the digital 
content stored in the content storage region only if the 
first judgment is negative; and a revocation information 
updating unit for performing a second judgment as to 
whether the electronic appliance into which the storage 
medium has been loaded has identification information 
that corresponds to the master revocation information 
stored in the master revocation information storage re- 
gion, and allowing the electronic appliance to update the 
revocation information stored in the revocation informa- 
tion storage region only if the second judgment is neg- 
ative. 

[0015] With the stated construction, only electronic 
appliances with identification information that does not 
correspond to the content of the master revocation in- 
formation storage region are allowed to update the rev- 
ocation information stored on the storage medium. This 
means that unauthorized electronic appliances can be 



prevented from tampering with the revocation informa- 
tion. 

[0016] Here, the master revocation information stor- 
age region may be provided in a ROM (read only mern- 
5 ory) in which the master revocation information is stored 
in advance. 

[0017] This protects the storage medium from attacks 
that try to tamper with the master revocation information 
after the storage medium has been manufactured. 
[0018] Here, the storage medium may further include: 
a mutual authentication unit for performing mutual au- 
thentication with the electronic appliance into which the 
storage medium has been loaded before the revocation 
information updating means performs the second judg- 
ment and, if the mutual authentication succeeds, for 
generating a secret key that can be shared with the elec- 
tronic appliance, wherein the revocation information up- 
dating unit updates the revocation information using the 
secret key generated by the mutual authentication unit . 
[0019] With the stated construction, the crucial iden- 
tification information relating to which devices have au- 
thorization to update the revocation information is trans- 
ferred between the storage medium and an electronic 
appliance in a secure manner. This increases the secu- 
rity with which the revocation information is protected. 
[0020] Here, the revocation information updating unit 
may transmit a secret key, which the electronic appli- 
ance needs to update the revocation information, to the 
electronic appliance only if the second judgment is neg- 
ative. 

[0021] As a result, the result of the judgment as to 
whether an electronic appliance has authority to update 
the revocation information is kept secret. This thwarts 
third parties that try to intercept the communication be- 
tween the storage medium and an electronic appliance. 
[0022] Here, the revocation information may be sort- 
ed into a plurality of groups, the revocation information 
storage region may include a plurality of storage areas, 
and each group may be stored in a different storage ar- 
ea, and 

as the second judgment, the revocation informa- 
tion updating means may judge (1) whether the elec- 
tronic appliance into which the storage medium has 
been loaded has identification information that does not 
correspond to the master revocation information stored 
in the master revocation information storage region, and 
(2) whether the electronic appliance has identification 
information that does not correspond to the revocation 
information in a specified group of revocation informa- 
tion that the electronic appliance wishes to update, the 
second judgment being negative only when both (1 ) and 
(2) are affirmative, and the revocation information up- 
dating means allowing the electronic appliance to up- 
date only the revocation information in the specified 
group. 

[0023] As a result, even when an unauthorized third 
party manages to tamper with the revocation informa- 
tion, the damage will be limited to one group of revoca- 
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tion information. Other groups of revocation information 
are unaffected. 

[0024] The stated object can also be achieved by a 
method for updating revocation information on a storage 
medium, the method including: a detection step for de- 
tecting whether the storage medium has been loaded 
into an electronic appliance; a judgment step for per- 
forming a first judgment as to whether first identification 
information of the electronic appliance does not corre- 
spond to the master revocation information stored in the 
master revocation information storage region of the stor- 
age medium; and an updating step for updating the rev- 
ocation information stored in the revocation information 
storage region only when the first judgment is affirma- 
tive. 

[0025] The stated object can also be achieved by a 
revocation information updating apparatus for updating 
revocation information on a storage medium, the appa- 
ratus including: a first identification information storage 
unit for storing first identification information that does 
not correspond to the master restricted region stored in 
the master revocation information storage region of the 
storage medium; a permission obtaining unit for obtain- 
ing, using information corresponding to the first identifi- 
cation information stored in the first identification infor- 
mation storage means, permission from the storage me- 
dium to update the revocation information stored on the 
storage medium; and an updating unit for updating the 
revocation information stored on the storage medium in 
accordance with the permission obtained by the permis- 
sion obtaining unit. 



BRIEF DESCRIPTION OF THE DRAWINGS 

[0026] These and other objects, advantages and fea- 
tures of the invention will become apparent from the fol- 
lowing description taken in conjunction with the accom- 
panying drawings which illustrate a specific embodi- 
ment of the invention. In the drawings: 

FIG. 1 shows the overall construction of a copyright 
protection system that is an embodiment of the 
present invention; 

FIG. 2 is a block diagram showing the construction 
of a content distribute system (CDS); 
FIG. 3 is a block diagram showing the construction 
of a PM (recording medium); 

FIG. 4 shows the composition and recorded content 

of an open ROM region of a PM; 

FIG. 5 shows the logical storage regions of the 

CDS; 

FIG. 6 is a block diagram showing the construction 
of a recording/playback apparatus (portable device 
(PD); 

FIG. 7 shows the logical storage regions of the PD; 
FIG. 8 is a block diagram showing the construction 
of a content usage management system (License 
Compliant Module (LCM)); 



FIG. 9 shows the logical storage regions of the 
LCM; 

FIG. 1 0 shows the former part of the communication 
between the CDS and the PM and the processing 
5 flow; 

FIG. 11 shows the latter part of the communication 
between the CDS and the PM and the processing 
flow; and 

FIG. 12 shows the communication between the PM 
10 and the PD and the processing flow. 

DESCRIPTION OF THE PREFERRED EMBODIMENT 



[0027] The following describes an embodiment of the 
is present invention with reference to the attached figures. 
[0028] FIG. 1 shows the construction of a copyright 
protection system 1 00 according to the present embod- 
iment. 

[0029] This copyright protection system 100 protects 
20 the copyrights over digital material that is distributed 
electronically or through the use of recording media. As 
shown in FIG. 1 , the copyright protection system 100 is 
composed of a content distribute system (CDS) 1 in the 
form of a vending machine that electronically distributes 
25 music contents via a communication network such as 
the Internet, a recording medium (hereinafter portable 
media (PM) ) 1 3 for storing music contents, a recording/ 
playback apparatus (hereinafter, portable device (PD)) 
12 that is portable and can record music contents onto 
30 the PM 13 and playback music contents from PM 13, 
and a content usage control system (hereinafter, license 
compliant module (LCM) 21) that manages the record- 
ing, playback and transfer of music contents. 
[0030] The CDS 1, the PM 13, and the PD 12 are 
35 equipped with a function or construction that updates 
the revocation information described above to prevent 
unauthorized electronic appliances from making im- 
proper accesses to digital productions, even if the exist- 
ence of such unauthorized appliances is discovered af- 
40 ter the manufacture of the CDS 1, the PM 13, the PD 
12, and the LCM 21. 

[0031] FIG. 2 is a block diagram showing the con- 
struction of the CDS 1 . The frame numbered 40 repre- 
sents an electronic music distributor (EMD), such as a 
musicserver or broadcast station. The frame numbered 
41 represents a revocation information licensing entity 
(RLE). When an unauthorized electronic appliance is 
newly discovered, this RLE 41 issues new revocation 
information including identification information for that 

50 electronic appliance. 

[0032] The CDS 1 can be realized by a specialized 
terminal (such as a kiosk terminal) and can be located 
in a record shop as one example. This CDS 1 is con- 
nected to the EMDs.40 and RLE 41 via transfer paths, 

55 and is composed of a secure music server (SMS) 2, an 
EMDJ/F (interface) unit 3, a PD l/F unit 5, a media l/F 
unit 6, a concealed region driver 7, a registry storing unit 
8, a license storing unit 9, a music data storing unit 10, 
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a revocation information receiving unit 1 4, a user l/F unit 
15, and a revocation information storing unit 16. 
[0033] The functions of the CDS 1 are described be- 
low. 

(1) Content Recording (Purchasing) Function 

[0034] The CDS 1 records a content indicated by the 
user onto a PM 13 loaded into the CDS 1 . This corre- 
sponds to when the user purchases the content. 

(2) Revocation Information Updating Function 

[0035] The CDS 1 updates the revocation information 
on a PM 13 loaded into the CDS 1 . This revocation in- 
formation shows which electronic appliances should be 
invalidated. 

[0036] The EMD_I/F unit 3 is a communication adapt- 
er or the like for connecting the CDS 1 to a plurality of 
EMD 40. The PDJ/F unit 5 is a USB (Universal Serial 
Bus) or the like that connects a PD 12 to the CDS 1 .The 
media_l/F unit 6 is a PCMCIA (Personal Computer 
Memory Card International Association) card slot or the 
like for loading a PM 1 3 into the CDS 1 . The revocation 
information receiving unit 14 is a communications 
adapter, or the like, which receives revocation informa- 
tion that is to be newly registered. The user l/F unit 15 
includes an LCD (liquid crystal display) and switches, 
button keys, or the like. 

[0037] The music data storing unit 1 0 is a flash mem- 
ory for storing encrypted music contents. The registry 
storing unit 8 is a memory storing attribute information 
and the like for the music contents stored in the music 
data storing unit 10. 

[0038] The license storing unit 9 is a memory for stor- 
ing a key, or other such information, that is used when 
decrypting an encrypted music content stored in the mu- 
sic data storing unit 1 0. The revocation information stor- 
ing unit 16 is a memory for temporarily storing revoca- 
tion information, such as revocation information re- 
ceived from the RLE 41 . 

[0039] The concealed region driver 7 is a control cir- 
cuit, or the like, for accessing the protected storage re- 
gions (described later) of the registry storing unit 8 and 
the like using a confidential procedure that is not made 
public. The SMS 2 is a CPU (Central Processing Unit) 
or the like for executing processing that controls the oth- 
er components to achieve the two functions mentioned 
above. 

[0040] The following describes the functions of the 
components of the CDS 1 and the control performed by 
the SMS 2 separately for the two functions (1) and (2) 
given above. 

(1) Content Recording (Purchasing) Function 

[0041] In the CDS 1, contents are protected against 
unauthorized use by having the contents encrypted and 
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decrypted using identification information (a media ID) 
of each recording medium (PM 13) onto which the con- 
tents are recorded. 

[0042] The CDS 1 includes three reception units num- 
5 bered #1 to #3 that each correspond to one of the three 
EMDs 40 also numbered #1 to #3. Encrypted contents 
(in the present example, music contents) and license in- 
formation (usage conditions, encrypted content decryp- 
tion keys etc.) distributed by the three EMDs 40 are re- 
10 ceived via the corresponding reception units #1 to #3. 
The encrypted contents distributed by the each EMD 40 
can be produced using different encryption methods 
and different audio encoding methods. Each of the re- 
ceiving units #1 to #3 may also be equipped with func- 
15 tions for playing back received audio and for billing the 
user. This billing function enables the user to purchase 
contents as desired. 

[0043] The SMS 2 receives, via the EMDJ/F unit 3, 
encrypted contents that have been purchased by the us- 
20 ex. When necessary, the EMDJ/F unit 3 decrypts en- 
crypted contents that have been subjected to the audio 
encoding and encryption methods used by the different 
EMDs 40 and converts (re-encrypts) the contents using 
an audio coding format and encryption format used by 
25 the CDS 1. 

[0044] On receiving an encrypted content, the SMS 2 
stores the encrypted content in the music data storing 
unit 10 and stores the key (the encrypted content de- 
cryption key) for decrypting the encrypted content in the 
30 license storing unit 9. The SMS 2 may be provided with 
a playback function to allow users to listen to a music 
content that has been distributed. When this is the case, 
the music contents managed by the SMS 2 may be re- 
produced on the CDS 1 . 
35 [0045] The SMS 2 is equipped with a function for out- 
putting an encrypted content (music content) stored in 
the music data storing unit 10 via the media_l/F unit 6 
to a PM 1 3, such as a memory card, that is loaded into 
the mediaJ/F unit 6. 
40 [0046] By setting a PM 1 3 in the PD 1 2, the user can 
have the encrypted contents (music contents) recorded 
on the PM 13 decrypted and played back by the PD 12. 
The SMS 2 can record contents on the PM 13 either 
directly via the mediaJ/F unit 6 or indirectly via the PD 
45 12. 

[0047] The user can also set the PM 13 in the LCM 
21 . The LCM 21 decrypts and plays back the encrypted 
(music) contents recorded on the PM 13. Alternatively, 
the user can have the encrypted (music) contents on the 
50 PM 13 transferred onto the LCM 21 for storage in the 
LCM 21 thereafter. 

(2) Revocation tnformation Updating Function 

55 [0048] The revocation information is used to identify 
electronic appliances (PDs, LCMs, etc.) that should be 
invalidated from using a PM 13 in order to protect the 
contents on the PM 13. Here, "using a PM 13" means 
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recording contents on a PM 1 3 or reading and/or playing 
back contents recorded on a PM 13. This revocation in- 
formation is prerecorded on a PM 13 during manufac- 
ture. 

[0049] The revocation information updating function 
is performed by an electronic appliance that has special 
permission (CDS 1 in the present example) . When nec- 
essary, this function uses new revocation information to 
update the revocation information that was recorded on 
a PM 13 during manufacture. The revocation informa- 
tion needs to be updated when unauthorized appliances 
that should be invalidated are newly discovered. 
[0050] The CDS 1 is equipped with a revocation infor- 
mation receiving unit 14 that receives new revocation 
information from the RLE 41 . The new revocation infor- 
mation transferred from the RLE 41 to the CDS 1 is en- 
crypted to prevent tampering on the transfer path be- 
tween the two devices. As one example, this encryption 
may use an encryption key that is shared by the RLE 41 
and the CDS 1 beforehand. 

[0051 ] The SMS 2 receives the encrypted new revo- 
cation information that has been issued by the RLE 41 
via the revocation information receiving unit 14. The 
SMS 2 decrypts the encrypted new revocation informa- 
tion and stores the resulting new revocation information 
in the revocation information storing unit 1 6. When a PM 
13, such as a memory card, is loaded into the mediaj/ 
F unit 6 (i.e., when the media_l/F unit 6 detects that a 
PM 13 has been inserted), a function provided in the 
SMS 2 has the new revocation information in the revo- 
cation information storing unit 16 outputted to the PM 
1 3 via the media_l/F unit 6. The SMS 2 can record new 
revocation information on a PM 13 directly via the 
media_J/F unit 6 or indirectly via a PD 12. 
[0052] The following describes the various types of 
revocation information. Note that the recording media 
(here, PM 13) is not limited to the storage of digitized 
music, and may alternatively be used for recording an 
application system, like a so-called "electronic book". In 
this case, revocation information is issued for each ap- 
plication system. As a result, electronic appliances can 
be revoked separately for each of the application sys- 
tems and so that only electronic appliances with special 
permission for a given application system can be al- 
lowed to update the revocation information correspond- 
ing to that application system. In the present example, 
the CDS 1 is permitted to update only the revocation 
information for electronic appliances (e.g., PD, LCM) 
that handle digitized music. 

[0053] With this arrangement, even if a user tampers 
with the revocation information updating function of the 
CDS 1 , this will not affect other application systems as 
the user will still be prevented from updating the revo- 
cation information of other application systems. 
[0054] It is also possible to revoke an electronic ap- 
pliance, such as the CDS 1 , that has the special permis- 
sion to update the revocation information using special 
revocation information (hereafter called "master revoca- 



tion information") that is registered on a PM 13. In other 
words, master revocation information showing the spe- 
cial electronic appliances that have special permission 
to update the revocation information can also be tntro- 
5 duced into the copyright protection system 1 00 as a 
blacklist of unauthorized electronic appliances that 
would otherwise be capable of changing the revocation 
information. . . 

[0055] As one example, suppose that the revocation 
to information updating function of a particular CDS 1 is 
modified so as to allow unauthorized use. Information 
that identifies this type of CDS 1 can be added to the 
master revocation information so as to prevent the mod- 
ified CDS 1 accessing the revocation information. This 
15 makes it possible to prevent unauthorized tampering 
with the revocation information. 

[0056] Note that in the present embodiment, the mas- 
ter revocation information is assumed to be updated us- 
ing a different method to the updating method disclosed 

20 by the present invention. The master revocation infor- 
mation is instead updated by issuing a recording medi- 
um on which the new master revocation information is 
recorded and then using this medium to replace an old 
recording medium on which the old master revocation 

25 information was recorded. 

[0057] FIG. 2 is a block diagram showing the con- 
struction of the PD 12. This device is capable of record- 
ing and playback. 

[0058] FIG. 3 is a functional block diagram showing 
30 the construction of the PM 1 3. As shown in the diagram, 
the PM 1 3 includes a controller 130 and a recording me- 
dium part that is made up of an open region 131 and a 
concealed region 134. 

[0059] The concealed region 1 34 is a logical storage 

55 region that can only be accessed via the controller 1 30 
using a secret procedure. This concealed region 134 is 
used to store information that is required when decrypt- 
ing a content. As shown in FIG. 3, the concealed region 
1 34 is made up of a concealed ROM region 1 35 in which 

40 a secret constant (such as the unique master media key 
KM-M that is described later) is stored and a concealed 
rewritable (RW) region 136 that stores secret variables 
(such as a license decrypting key (described later) sup- 
plied by the licenser, a content decrypting key that has 

^5 been encrypted, and a unique media key KM-1). This 
content decrypting key that has been encrypted (here- 
after called the "encrypted content key") is produced by 
encrypting the content key KC used for decrypting the 
content C using the unique media key KM-1 that is 

50 unique to the PM 13. 

[0060] The unique master media key KM-M and the 
unique media key KM-1 need to be set at different val- 
ues for each PM 1 3, with it being possible to use different 
kinds of identification information for each PM 13, such 

55 as a serial number or a product number (the product 
number of each PM 13 or the production lot number). 
However, the KM-M and KM-1 may instead be produced 
from unique identification information of the PM 13 and 
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the license decryption key. As examples, the concealed 
ROM region 135 can be physically provided in ROM (i. 
e., read only non-volatile memory), while the concealed 
RW region 136 can be provided in a flash memory (i.e., 
a rewritable non-volatile memory). 
[0061] The open region 1 31 is separate from the con- 
cealed region and can be accessed by conventional pro- 
cedures. This open region 131 is composed of a read- 
only open region 132 (hereafter called the "open ROM 
region") and a rewritable open region 133 (hereafter 
called the "open RW region"). As shown in FIG. 4, it is 
assumed that the open ROM region 132 also includes 
a region : (hereafter called the "open ROM-W region 
132a") that can be only be rewritten according to a se- 
cret procedure. 

[0062] FIG. 4 shows the composition of the open 
ROM region 1 32 of the PM 1 3 and its stored content. As 
one example, the open ROM region 132 can physically 
provided within a ROM, for example, while the open RW 
region 133 and the open ROM-W region 132a can be 
physically provided within a flash memory. The open 
ROM region 1 32, the open RW region 1 33, and the open 
ROM-W region 132a may be respectively provided in 
the same ROM as the concealed ROM region 135 and 
the same flash memory as the concealed RW region 
136. 

[0063] The master revocation information (RL-M) is 
registered in advance in the open ROM region 132 
(hereafter used to mean parts of the open ROM region 
132 that are not the open ROM-W region 132a) before 
the PM 13 is shipped from the factory. One or more sets 
of revocation information (RL-1, RL-2 ...) are also reg- 
istered in advance in the open ROM-W region 132a be- 
fore shipping. Such sets of revocation information can 
be replaced (updated) by executing the revocation in- 
formation updating function of the CDS 1 (or the like), 
which results in new revocation information being writ- 
ten into the open ROM-W region 1 32a via the controller 
1 30 of the PM 1 3 according to a secret procedure. Note 
that one or more sets of revocation information that do 
not need to be updated according to the method of the 
present invention may also be registered in advance in 
the open ROM region 132. 

[0064] In the present embodiment, the master revo- 
cation information and the one or more sets of revoca- 
tion information are lists of identification information 
(64-bit device IDs) of electronic appliances that should 
be revoked. As a result, the following explanation will 
refer to each set of revocation information as a "revoca- 
tion list RL". The master revocation information will be 
referred to as "RL-M", and each set of revocation infor- 
mation as "RL-1", "RL-2" etc. In this example, the revo- 
cation list RL-1 is used to revoke electronic appliances 
(such as a PD or an LCM) that record or play back dig- 
itized music. 

[0065] Contents that have been encrypted (hereafter 
simply "encrypted contents") and other data are stored 
as required in the open RW region 133. These contents 



are encrypted using the content key KC. 
[0066] FIG. 5 shows the logical storage regions of the 
CDS 1. The CDS 1 has an open region 111, which is 
made up of the open ROM region 1 1 2 and the open RW 

s region 1 1 3, and a concealed region 1 1 4 that can only be 
accessed according to a secret procedure. The music 
data storing unit 10 shown in FIG. 2 is provided in the 
open RW region 113. The open ROM region 112 in- 
cludes an open ROM-W region (not illustrated) in which 

10 the revocation information storing unit 1 6 shown in FIG. 
2 is provided, in this embodiment, the SMS 2 shown in 
FIG. 2 decrypts the encrypted new revocation informa- 
tion that is received from the RLE 41 and stores the de- 
crypted new revocation information into this open ROM- 

15 w region using a secret procedure. 

[0067] The identification information (device ID) 
ID_CDS is stored in advance in the concealed region 
114. A content key KC for each content is also stored 
as necessary in the concealed region 114. The con- 

20 cealed region 114 also provides the registry storing unit 
8 shown in FIG. 2. All of the music contents that are 
stored in the music data storing unit 1 0 (in the open RW 
region 1 1 3) and are managed by the SMS 2 have a con- 
tent ID (TID) and other such identification information as 

25 their attributes. This attribute information is called the 
"registry" and is stored in the registry storing unit 8 (pro- 
vided in the concealed region 114). 
[0068] The CDS 1 has a concealed region driver 7 that 
performs a special secret procedure to enable the SMS 

30 2 to access the registry storing unit 8 in the concealed 
region 114 and then read data from the registry storing 
unit 8. Note that the registry has no direct bearing on the 
present invention, and so its use will not be described 
in detail. 

35 [0069] The PD 12 includes an open region 121 , made 
up of the open ROM region 1 22 and the open RW region 
123, and a concealed region 124 that can only be ac- 
cessed by a secret procedure. The identification infor- 
mation ID_PD of the PD 12 is permanently registered in 

40 the concealed region 124. A content key KC for each 
content is also stored in the concealed region 124. 
[0070] FIG. 6 is a block diagram showing the con- 
struction of the PD 12. FIG. 7 shows the logical storage 
regions provided in the PD 12. 

45 [0071 ] The PD 1 2 Is a semiconductor audio playback 
device or the like. As shown in FIG. 6, the hardware con- 
struction of the PD 12 includes a CPU 12a, a RAM 12b, 
a ROM 12c, a flash memory 12d, an external appliance 
l/F unit 12e, a media J/F unit 12f, a demodulating unit 

so i2g for decrypting encrypted music contents and the 
like, and a decoder unit 1 2h and D/A converter unit 1 2i 
for decoding and processing compressed audio con- 
tents. As shown in FIG. 7, the PD 12 is provided with an 
open region 121 and a concealed region 124. 

55 [0072] The PM 13 is used having been into the media 
l/F unit 12f of the PD 12, as shown in FIG. 6. When the 
CDS 1 reads or writes data via the PD 12, the PD l/F 
unit 5 provided in the CDS 1 accesses the concealed 
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region 134 (see FIG. 3) of the PM 13 via the external 
appliance l/F unit 12e and the media l/F unit 12f of the 
PD 12. 

[0073] The media l/F unit 12f has a concealed region 
access unit (not illustrated) for accessing the concealed 
region 134 of the PM 13. The open RW region 123 and 
the concealed region 124 of the PD 12 are provided, for 
example, in a flash memory. A program that enables mu- 
tual authentication to be performed with the PM 13 is 
written in this ROM 12c. The PD 12 operates in accord- 
ance with this program underthe control of the CPU 1 2a 
to perform mutual authentication with the PM 13. 
[0074] FIG. 8 is a block diagram showing the con- 
struction of the LCM 21. The LCM 21 is realized by a 
personal computer and. with the exception of the func- 
tion for updating the revocation information, has funda- 
mentally the same construction as the CDS 1. In other 
words, the LCM 21 includes an SMS 22, an EMDJ/F 
unit 23, a PDJ/F unit 25, a mediaJ/F unit 26, a con- 
cealed region driver 27, a registry storing unit 28, a li- 
cense storing unit 29, a music data storing unit 30, a 
CDJ/F unit 31 , and a user l/F unit 35.Like the CDS 1 , 
the LCM 21 has the following functions. The LCM 21 
can receive an encrypted content from an EMD 40 and 
store the content within the LCM 21. The LCM 21 can 
record an encrypted content stored within the LCM 21 
onto a PM 13 or read a music content from a PM 13 and 
thereafter store the content within the LCM 21 . 
[0075] FIG. 9 shows the logical storage regions pro- 
vided in the LCM 21. Like the PM 13, the CDS 1, and 
the PD 12, the LCM 21 is provided with an open region 
211, which is composed of an open ROM region 212 
and an open RW region 213, and a concealed region 
214 that can only be accessed using a special proce- 
dure. Identification information ID_LCM for the LCM 21 
is stored beforehand in the concealed region 214 and 
cannot be changed. The concealed region 214 also 
stores a content KC for each content as required. 
[0076] The PM 1 3 is used having been loaded into the 
media l/F unit 26 of the LCM 21 . When reading data from 
or writing data onto a PM 13, the concealed region 1 34 
of the PM 1 3 is accessed by the LCM 21 via the mediaj/ 
F unit 26 of the LCM 21 . The mediaJ/F unit 26 includes 
a concealed region access unit (not illustrated) for ac- 
cessing the concealed region 134 of the PM 13. The 
open RW region 213 and concealed region 214 of the 
LCM 21 can be provided on a flash memory, for exam- 
ple. 

[0077] The open ROM region 212 is provided within 
a ROM. A program that enables mutual authentication 
to be performed with the PM 13 is written in this ROM. 
The LCM 21 operates in accordance with this program 
under the control of a CPU (not illustrated) to perform 
mutual authentication with the PM 13. 
[0078] The following describes the operation of the 
copyright protection system 1 00 of the present embod- 
iment. In the described example, the user inserts the PM 
13 into the CDS 1 and selects a process that records a 



music content distributed by an EMD 40 onto the PM 
13. This corresponds to the user purchasing the music 
content. In this example also, new revocation informa- 
tion that has been issued by an RLE (here, RLE 41 ) and 
5 stored in advance in the CDS 1 is recorded onto the PM 
13 along with the music content. 

[0079] FIGS. 1 0 and 1 1 respectively show the former 
part and latter part of the communication between the 
CDS 1 and the PM 13 and the processing flow for the 

10 described operation. 

[0080] When the user has given, via the user l/F unit 
15 of the CDS 1 for example, an indication to purchase 
a music content and a PM 13 has been loaded into the 
media l/F unit 6, the media l/F unit 6 of the CDS 1 can 

'5 perform mutual authentication (also known as Authen- 
tication and Key Exchange - Master (AKE-M)) with the 
controller 130 of the PM 13 (Step S101). This AKE-M 
procedure is performed by the CDS 1 and the PM 13 as 
follows. 

20 [0081] First, the CDS 1 authenticates the PM 13. A 
CDS 1 that is allowed to update the revocation informa- 
tion is provided with an authentication key K1-M, as is 
the PM 13 (while not illustrated, these keys are stored 
in the concealed ROM regions). The CDS 1 generates 

25 a random number R1 and sends it to the PM 13. On 
receiving the random number Rl generated by the CDS 
1 , the PM 1 3 encrypts the random number R1 using the 
authentication key K1-M and sends the resulting en- 
crypted random number R1 (K1-M[R1]) to the CDS 1. 

30 The CDS 1 uses the authentication key K1 -M to decrypt 
this K1-M[R1] and, if the result is equal to the random 
number Rl, judges that the PM 13 is a proper device. 
[0082] After this, the PM 1 3 performs the same proc- 
essfortheCDS 1 to complete the mutual authentication. 

35 To do so, both the CDS 1 and the PM 13 have an au- 
thentication key K2-M, with the CDS 1 encrypting the 
random number R2 received from the PM 13 using this 
authentication key K2-M and the PM 13 decrypting this 
and confirming that the result is equal to the random 

40 number R2. 

[0083] In the present example, the authentication 
keys K1 -M and K2-M are only supplied to a special elec- 
tronic appliance (here, the CDS 1 ) that is allowed to up- 
date the revocation information, so that ordinary elec- 
ts tronic appliances (such as the LCM 21 ) can be prevent- 
ed from executing the authentication process AKE-M. 
[0084] When the CDS 1 and the PM 13 have found 
each other to be proper devices in the above mutual au- 
thentication AKE-M of step S1 01 , the media l/F unit 6 of 

50 the CDS 1 and the controller 130 of the PM 13 perform 
key exchange to share the same session key (KY1). As 
one example, this session key KY1 can be a value found 
by taking a logical XORforthe random numbers R1 and 
R2 generated during the mutual authentication and then 

55 inputting the result into a secret key generation algo- 
rithm provided in advance in both the CDS 1 and the PM 
13. In this way, the session key KY1 is a time-variant 
key whose value changes every session. 
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[0085] The media l/F unit 6 of the CDS 1 reads the 
master identification information ID-M for the CDS 1 that 
is concealed (stored) within the concealed region 114, 
encrypts this information ID-M using the session key KY- 
1 and sends the resulting encrypted ID-M (=KY1[ID-M]) 
to the PM 13 (step S102). , 

[0086] The controller 130 of the PM 13 decrypts this 
Kyl[ID-M] received from the CDS 1 using the session 
key (KY1 ) that it received during the preceding key ex- 
change and so obtains the ID-M (step S1 03). 
[0087] Next, the controller 130 of the PM 1 3 uses the 
master identification information ID-M of the CDS 1 that 
it has decrypted to refer to the master revocation list RL- 
Min the open ROM region 132. The controller 130 judg- 
es whether the CDS 1 should be prohibited from using 
the PM 13 by checking whether identification informa- 
tion that matches the ID-M is present in the master rev- 
ocation list RL-M, (step S104). 

[0088] If identification information that matches the 
ID-M is present in the master revocation list RL-M, the 
controller 1 30 invalidates (revokes) use of the PM 1 3 by 
the CDS 1 and terminates its processing at this juncture. 
[0089] On the other hand, if identification information 
that matches the ID-M is not present in the master rev- 
ocation list RL-M , the controller 1 30 judges that the CDS 
1 is allowed to use the PM 13 (i.e., to update the revo- 
cation information), and so reads and outputs the unique 
master media key KM-M that is stored in a secret fashion 
in the concealed ROM region 1 35 (step S1 05). The con- 
troller 130 then performs key exchange with the media 
l/F unit 6 of the CDS 1 to share the same session key 
KY-2. before encrypting the read unique master media 
key KM-M using this session key KY-2 and sending the 
resulting encrypted KM-M (=KY2[KM-M]) to the CDS 1 
(step S106). 

[0090] This session key KY2 can be found, for exam- 
ple, as the result given when the session key KY1 de- 
scribed earlier is inputted into a secret key generation 
algorithm provided in advance in the CDS 1 and the PM 

13. 

[0091] The media l/F unit 6 of the CDS 1 decrypts the 
KY2[KM-M] received from the PM 13 using the session 
key KY2 obtained during the preceding key exchange 
and so obtains the unique mastermedia key KM-M (step 

5107) . 

[0092] Next, the media l/F unit 6 of the CDS 1 encrypts 
the new revocation information RL-1 stored in the open 
ROM-W region and the new unique media key KM-1N 
generated by the media l/F unit 6 using the unique mas- 
ter media key KM-M and sends the resulting encrypted 
KM-M[RL-1] and KM-M[KM-1N] to the PM 13 (step 

5108) . 

[0093] The unique media key KM-1 N referred to here 
can be given , for example, as the output value produced 
when the session key KY2 described earlier is inputted 
into a key generation algorithm that is secretly stored in 
the CDS 1 . 

[0094] The controller 130 of the PM 13 decrypts the 



KM-M[RL-1] and the KM-M[KM-1N] received from the 
CDS 1 using the KM-M stored in the concealed ROM 
region 135 and so obtains RL-1 and KM-1 N (step S1 09). 
[0095] Next, the media l/F unit 6 of the CDS 1 and the 

5 controller 1 30 of the PM 1 3 perform a similar mutual au- 
thentication (AKE-1) to the mutual authentication (AKE- 
M) described above (step S110). 
[0096] When doing so, the CDS 1 first authenticates 
the PM 13. To do so, both the CDS 1 and the PM 13 

10 store the same authentication key K1 -1 (which, while not 
illustrated, is stored in the respective concealed ROM 
regions). The CDS 1 generates the random number R3 
and sends it to the PM 13. On receiving this random 
number R3, the PM 1 3 encrypts it using the authentica- 

is tion key K1 -1 and sends the resulting encrypted random 
number (K1-1[R3]) to the CDS 1 . The CDS 1 uses the 
authentication key K1 -1 to decrypt the K1 -1 [R3], checks 
whether the decryption result is equal to the random 
number R3 it generated earlier, and if so, judges that the 

20 pm 13 is a proper device. 

[0097] After this, the PM 1 3 performs the same proc- 
ess for the CDS 1 to complete the mutual authentication. 
To do so, both the CDS 1 and the PM 13 have an au- 
thentication key K2-1 , with the CDS 1 encrypting a ran- 

25 dom number R4 received from the PM 1 3 using this au- 
thentication key K2-1 and the PM 13 decrypting this and 
confirming that the result is equal to the random number 
R4. These authentication keys K1-1 and K2-1 are only 
provided to electronic appliances (in this example, PD 

30 12 and LCM 1 6) that are allowed to use music contents, 
and so can prevent electronic appliances that corre- 
spond to other application systems from performing the 
authentication process AKE-1 . 

[0098] When the CDS 1 and the PM 13 have found 

35 each other to be proper devices in the above mutual au- 
thentication AKE-1 of step S110, the media l/F unit 6 of 
the CDS 1 and the controller 130 of the PM 13 perform 
key exchange to share the same session key (KX1). As 
one example, this session key KX1 can be a value found 

40 by taking a logical XOR for the random numbers R3 and 
R4 generated during the mutual authentication and then 
inputting the result into a secret key generation algo- 
rithm provided in advance in both the CDS 1 and the PM 
13. In this way, the session key KX1 is a time-variant 

45 key whose value changes every time. 

[0099] The media l/F unit 6 of the CDS 1 reads the 
identification information 1D-1 for the CDS 1 that is con- 
cealed (stored) within the concealed region 114, en- 
crypts this information ID-1 using the session key KX-1 

so and sends the resulting encrypted ID-1 (=KX1 [ID-1 ]) to 
the PM 13 (step S1 11). 

[0100] The controller 130 of the PM 13 decrypts this 
KX1[ID-1] received from the CDS 1 using the session 
key (KX1) that it received during the preceding key ex- 
55 change and so obtains the ID-1 (step S112). 

[0101] Next, the controller 130 of the PM 13 uses the 
identification information ID-1 of the CDS 1 that it has 
decrypted to refer to the revocation list RL-1 in the open 
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ROM 132. The controller 130 judges whether the CDS 
1 should be prohibited from using the PM 13 by checking 
whether identification information that matches the ID- 
1 is present in the revocation list RL-1 (step S113). 
[0102] If identification information that matches the 5 
ID-1 is present in the revocation list RL-1 , the controller 
1 30 invalidates (revokes) use of the PM 1 3 by the CDS 
1 and terminates its processing at this juncture. 
[0103] On the other hand, if identification information 
that matches the ID-1 is not present in the revocation 10 
list RL-1, the controller 130 judges that the CDS 1 is 
allowed to use the PM 13 (i.e., to record a content), and 
so updates RL-1 and KM-1 using the new revocation 
information RL-1 N and the new unique media key KM- 
1N received in step S109 (step S114). 15 
[0104] The media l/F unit 6 of the CDS 1 then per- 
forms key exchange with the controller 130 of the PM 
13 to share the same session key KX2, before reading 
the identification information ID-1 from the concealed re- 
gion 114 of the CDS 1 , encrypting it using the session 20 
key KX2, and sending this encrypted ID-1 (=KX2[ID-1]) 
to the PM 13 (step S115). As one example, this session 
key KX2 can be a value found as the output given when 
the session key KX1 is inputted into a secret key gen- 
eration algorithm provided in advance in both the CDS 25 
1 and the PM 13. 

[0105] The controller 130 of the PM 13 decrypts the 
KX-2[ID-1] received from the CDS 1 using the session 
key (KX2) obtained in the preceding key exchange, and 
so obtains ID-1 (step S116). 30 
[01 06] Next, the controller 130 of the PM 1 3 uses the 
decrypted identification information of the CDS 1 to refer 
to the new revocation list RL-1 N in the open ROM re- 
gion, and judges whether to prevent the CDS 1 from us- 
ing the PM 1 3 according to whether identification infor- 35 
mation that matches ID-1 is present in the revocation 
list RL-1N (step S117). 

[0107] If identification information that matches ID-M 
is present in the revocation list RL-1 N, the controller 130 
judges that the present CDS 1 should be prevented from 40 
using the PM 13 (i.e., "revoked") and so terminates its 
processing at this juncture. 

[0108] On the other hand, if identification information 
that matches the ID-1 is not present in the master rev- 
ocation list RL-1 N, the controller 130 judges that the *s 
CDS 1 is allowed to use the PM 13 (i.e., to record a con- 
tent), and so reads and outputs the unique media key 
KM-1 N that is stored in a secret fashion in the concealed 
ROM region 135 (step S118). The controller 130 then 
performs key exchange with the media l/F unit 6 of the so 
CDS 1 to share the same session key KX3, before en- 
crypting the read unique media key KM-1 N using this 
session key KX3 and sending the resulting encrypted 
KM-1N (=KX3[KM-1N]) to the CDS 1 (step S119). As 
one example, this session key KX3 can be a value found 55 
as the output given when the session key KX2 is input- 
ted into a secret key generation algorithm provided in 
advance in both the CDS 1 and the PM 13. 



[0109] The media l/F unit 6 of the CDS 1 decrypts the 
KX3[KM-1 N] received from the PM 1 3 using the session 
key KX3 obtained during the preceding key exchange, 
and so obtains the unique media key KM-1N (step 

5120) . 

[0110] The media l/F unit 6 of the CDS 1 next uses 
the unique media key KM-1 N to encrypt the content key 
KC that is stored in a secret fashion in the concealed 
region 114, and sends the resulting encrypted KM-1 N 
[KC] to the concealed RW region of the PM 13 (step 

5121) . 

[0111] The media l/F unit 6 of the CDS 1 sends the 
encrypted content KC[C] stored in the open RW region 
113 to the open RW region of the PM 13 (step S122). 
[01 12] In this way, the method of the present embod- 
iment allows the CDS 1 to receive the encrypted master 
media key KM-M from a PM 13 only if the CDS is not 
invalidated (revoked) according to the master revoca- 
tion list RL-M. The new revocation information RL-1 
stored in the open ROM region 114 and the unique me- 
dia key KM-1 N are encrypted using this unique master 
media key KM-M and are sent to the PM 13. 
[0113] As a result, CDS apparatuses that should be 
invalidated according to the master revocation list RL- 
M (i.e., electronic appliances that attempt to update the 
revocation information of the PM 13) will definitely be 
invalidated (excluded). If a device is invalidated accord- 
ing to the revocation list RL-1 , the PM 1 3 will not update 
the new revocation information RL-1 or the unique me- 
dia key KM-1 N. In the same way, the encrypted unique 
media key KM-1 N will only be transferred to the CDS 1 
from the PM 13 if the CDS 1 is not invalidated according 
to the new revocation list RL-1 N. The content key KC 
stored in the concealed region 114 of the CDS 1 is then 
encrypted using the unique media key KM1-N and sent 
to the PM 13. In this way, CDS apparatuses that should 
be invalidated according to the new revocation list RL- 
1N (i.e., electronic appliances that attempt to use the 
PM 13) will definitely be invalidated (excluded). 
[0114] The following describes the operation when 
the PD 1 2 decrypts and plays back an encrypted content 
stored in the PM 13. While this explanation focuses on 
the case when the content is decrypted and played back 
by the PD 1 2, exactly the same procedure is used when 
contents are decrypted and played back by the LCM 21 . 
[0115] FIG. 12 shows the communication between 
the PM 13 and the PD 12 and processing flow in this 
case. 

[0116] When the user instructs the PD 1 2 to play back 
a content from a PM 13 that has been loaded into the 
media l/F unit 1 2f of the PD 1 2, the CPU 1 2a of the PD 
1 2 and the controller 1 30 of the PM 1 3 perform a similar 
mutual authentication AKE-1 to step S110 (step S201). 
When the CDS 1 and the PM 1 3 have found each other 
to be proper devices in the mutual authentication of step 
S201,theCPU 12a of the PD 12 and the controller 130 
of the PM 13 perform key exchange to share the same 
session key (KX4). 
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[0117] The CPU 12a of the PD 12 reads the identifi- 
cation information ID-PD of the PD 12 that is concealed 
within the concealed region 124, and encrypts the iden- 
tification information ID-PD using the session key KX4. 
The media l/F unit 12f then sends the encrypted ID-PD 5 
(=KX4[ID-PD]) to PM 13 (step S202). 
[0118] The controller 130 of the PM 13 decrypts the 
KX4 [ID-PD] that it receives from the PD12 using the 
session key KX4 it received during the preceding key 
exchange and so obtains the ID-PD (step S203). 10 
[0119] The controller 130 of the PM 13 searches for 
the decrypted identification information ID-PD of the PD 
12 in the revocation list RL-1N in the open ROM-W re- 
gion and judges whether the PD 12 should be prohibited 
from using the PM 1 3 according to whether identification is 
information that matches the ID-PD is present (step 
S204). 

[0120] On finding identification information that 
matches the ID-PD in the revocation list RL-1 N, the con- 
troller 130 judges that the PD 12 should be invalidated 20 
from using the PM 13 (i.e., revoked) and terminates its 
processing at this juncture. 

[0121] On the other hand, if identification information 
that matches the ID-PD is not present in the revocation 
list RL-1 N, the controller 130 judges that the PD 12 is 25 
allowed to use the PM 1 3, and so reads and outputs the 
unique media key KM-1N that is concealed in the con- 
cealed RW region 136 (step S205). The controller 130 
then performs a key exchange with the CPU 12a of the 
PD 1 2 (via the media l/F unit 1 2f of the PD 1 2) to share 30 
the same session key KX5. The controller 1 30 encrypts 
the read unique media key KM-1 N using this session 
key KX5 and sends the resulting encrypted KM-1N 
(=KX5[KM-1N]) to the PD 12 (step S206). This session 
key KX5 can be found, for example, as the result given 35 
when the session key KX4 described earlier is inputted 
into a secret key generation algorithm provided in ad- 
vance in the PD 12 and the PM 13. 
[0122] The CPU 12a of the PD 12 decrypts the KX5 
[KM-1 N] received from the PM 13 using the session key 40 
KX5 obtained during the preceding key exchange and 
so obtains the unique media key KM-1N (step S207). 
[0123] Next, the CPU 12a of the PD 12 reads the en- 
crypted content key KC stored in the concealed RW re- 
gion 1 36 of the PM 13 and decrypts it using the unique 45 
media key KM-1 N obtained in step S207 (step S208). 
Next, the CPU 1 2a of the PD12 reads the encrypted con- 
tent C (=KC[Cj) that is stored in the open RW region 1 33 
of the PM 13, decrypts the encrypted content KC[C] us- 
ing the content key KC obtained in step S208, and plays so 
back the content (step S209). 

[0124] In this way, the method of the present embod- 
iment allows the PD 1 2 to receive the encrypted unique 
media key KM-1 N from a PM 1 3 only if the PD 1 2 is not 
invalidated (revoked) according to the revocation list 55 
RL-1N. The encrypted content key (KM-1N[KC]) con- 
cealed in the concealed RW region of the PM 1 3 is then 
decrypted using the unique media key KM1-N and is 



used by the PD 12 to decrypt the encrypted content. In 
this way, PDs that should be invalidated according to 
the new revocation list RL-1 N (i.e., electronic appliances 
that attempt to use the PM 13) will definitely be invali- 
dated. 

[0125] While the copyright protection system 100 of 
the present invention has been explained by means of 
the embodiment given above, it should be obvious that 
the present invention is not limited to the details given 
above. 

[01 26] For example, while the copyrighted digital ma- 
terial that is protected by the embodiment is music, vid- 
eo data for a movie or data for a computer program, such 
as game software, may also be protected. 
[0127] Note that while the present embodiment de- 
scribes the case where a session key (numbered KYI or 
KXI) is used to encrypt information that is or should be 
concealed in a concealed region when transferring the 
information between the CDS 1 and the PM 13 or be- 
tween the PD 1 2 and the PM 1 3, such encryption is not 
absolutely necessary. However, encryption using a ses- 
sion key is preferable to increase the security with which 
contents can be protected. 

[0128] In the present embodiment, the master revo- 
cation list RL-M and the revocation lists RL-1 and RL- 
1N are described as being registered in the open ROM 
region 132 or in the open ROM-W region, although such 
revocation lists may be stored in any region that cannot 
be altered. As one example, the lists may be stored in 
the concealed region 134 which can only be accessed 
according to a special procedure. 
[0129] While the above embodiment describes the 
case where the encrypted content key (KM-1 N[KC]) is 
stored in the concealed RW region 136, this key may 
instead be stored in the open RW region 133. 
[0130] While the above embodiment describes the 
case where the identification information of an electronic 
appliance is transferred from the electronic appliance to 
a recording medium, such transfer is not limited to this 
direction. This is to say, a recording medium may trans- 
fer identification information to an electronic appliance. 
[0131] As one example, a recording medium may 
store values E (ID,K1) and values E(ID,K2) in advance 
as the revocation information. The values E(ID,K1) are 
obtained by encrypting a predetermined first key K1 us- 
ing the identification information ID of electronic appli- 
ances that are allowed to access contents on the record- 
ing medium. Conversely, the values E (ID, K2) are ob- 
tained by encrypting a predetermined second key K2 us- 
ing the identification information ID of electronic appli- 
ances that are prohibited from accessing contents on 
the recording medium. 

[0132] When the recording medium is attached to an 
electronic appliance, the recording medium sends the 
revocation information E described above to the elec- 
tronic appliance together with a random number R. 
[0133] On receiving the revocation information E and 
random number R, the electronic appliance decrypts the 
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revocation information E using its own identification in- 
formation. When the electronic appliance has not been 
revoked, this decrypting results in the electronic appli- 
ance obtaining the first key K1. Conversely, when the 
electronic appliance has been revoked, this decrypting 
results in the electronic appliance obtaining the second 
key K2. The electronic appliance then encrypts the ran- 
dom number R using the key K (K1 or K2) that is de- 
crypting result and sends the obtained value E(K,R) to 
the recording medium. 

[0134] The recording medium decrypts the value E(K, 
R) it receives and compares the result (the random 
number R') with the random number R it transmitted to 
the electronic appliance. When these values match, the 
recording medium allows the electronic appliance to ac- 
cess contents. The master revocation information may 
have the same content and be checked using the same 
procedure, and the direction used to transfer the identi- 
fication information of an electronic appliance may be 
reversed. 



10 



15 



20 



Claims 

1 . A storage medium that is used having been loaded 
into an electronic appliance, the storage medium 
comprising: 

a content storage area for storing a digital con- 
tent; 

a revocation information storage area for stor- 
ing, as revocation information, information that 
corresponds to identification information of an 
electronic appliance that is prohibited from ac- 
cessing the digital content stored in the content 
storage area; and 

a master revocation information storage area 
storing, as master revocation information, infor- 
mation that corresponds to identification infor- 
mation of an electronic appliance that is prohib- 
ited from updating the revocation information 
stored in the revocation information storage ar- 
ea. 

2. A storage medium in accordance with Claim 1 , fur- 
ther comprising: 

content protecting means for performing a first 
judgment as to whether an electronic appliance 
into which the storage medium has been load- 
ed has identification information that corre- 
sponds to the revocation information stored in 
the revocation information storage region, and 
allowing the electronic appliance to access the 
digital content stored in the content storage re- 55 
gion only if the first judgment is negative; and 
revocation information updating means for per- 
forming a second judgment as to whether the 
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electronic appliance into which the storage me- 
dium has been loaded has identification infor- 
mation that corresponds to the master revoca- 
tion information stored in the master revocation 
information storage region, and allowing the 
electronic appliance to update the revocation 
information stored in the revocation information 
storage region only if the second judgment is 
negative. 

A storage medium in accordance with Claim 2, 

wherein the master revocation information 
storage region is provided in a ROM (read only 
memory) in which the master revocation informa- 
tion is stored in advance. 

A storage medium in accordance with Claim 2, fur- 
ther comprising: 

a mutual authentication means for performing 
mutual authentication with the electronic appli- 
ance into which the storage medium has been 
loaded before the revocation information up- 
dating means performs the second judgment 
and, if the mutual authentication succeeds, for 
generating a secret key that can be shared with 
the electronic appliance, 

wherein the revocation information updating 
means updates the revocation information us- 
ing the secret key generated by the mutual au- 
thentication means. 

5. A storage medium in accordance with Claim 2, 

wherein the revocation information updating 
means transmits a secret key, which the electronic 
appliance needs to update the revocation informa- 
tion, to the electronic appliance only if the second 
judgment is negative. 

6. A storage medium in accordance with Claim 2, 

wherein the revocation information is sorted in- 
to a plurality of groups, the revocation informa- 
tion storage region includes a plurality of stor- 
age areas, and each group is stored in a differ- 
ent storage area, and 

as the second judgment, the revocation infor- 
mation updating means judges 

(1) whether the electronic appliance into 
which the storage medium has been load- 
ed has identification information that does 
not correspond to the master revocation in- 
formation stored in the master revocation 
information storage region, and 

(2) whether the electronic appliance has 
identification information that does not cor- 
respond to the revocation information in a 
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specified group of revocation information 
that the electronic appliance wishes to up- 
date, 

the second judgment being negative only when 5 
both (1) and (2) are affirmative, and the revo- 
cation information updating means allowing the 
electronic appliance to update only the revoca- 
tion information in the specified group. 

10 

7. A storage medium in accordance with Claim 2, 

wherein the revocation information storage re- 
gion stores, as the revocation information, in- 
formation that has been generated by encrypt- 15 
ing a predetermined secret key using identifi- 
cation information of an electronic appliance 
that is prohibited from accessing the digital con- 
tent as a key, 

the content protecting means transmits the rev- 20 
ocation information stored in the revocation in- 
formation storage region to the electronic ap- 
pliance into which the storage medium is load- 
ed, and judges whether information received in 
reply from the electronic appliance exhibits a 25 
predetermined regularity to determine whether 
the electronic appliance has identification infor- 
mation that corresponds to the revocation infor- 
mation stored in the revocation information 
storage region, 30 
the master revocation information storage re- 
gion stores, as the master revocation informa- 
tion, information that has been generated by 
encrypting a predetermined secret key using 
identification information of an electronic appli- 35 
ance that is prohibited from updating the revo- 
cation information as a key, and 
the revocation information updating means 
transmits the master revocation information 
stored in the master revocation information *o 
storage region to the electronic appliance, and 
judges whether information received in reply 
from the electronic appliance exhibits a prede- 
termined type of regularity so as to judge 
whether the electronic appliance has identif ica- 45 
tion information that corresponds to the master 
revocation information stored in the master rev- 
ocation information storage region. 

8. A method for updating revocation information on a so 
storage medium, the storage medium being used 
having been loaded into an electronic appliance 
and including (1 ) a content storage area for storing 

a digital content, (2) a revocation information stor- 
age area for storing, as revocation information, in- 55 
formation that corresponds to identification informa- 
tion of an electronic appliance that is prohibited from 
accessing the digital content stored in the content 



storage area, and (3) a master revocation informa- 
tion storage area storing, as master revocation in- 
formation, information that corresponds to identifi- 
cation information of an electronic appliance that is 
prohibited from updating the revocation information 
stored in the revocation information storage area, 
the method comprising: 

a detection step for detecting whether the stor- 
age medium has been loaded into an electronic 
appliance; 

a judgment step for performing a first judgment 
as to whether first identification information of 
the electronic appliance does not correspond 
to the master revocation information stored in 
the master revocation information storage re- 
gion of the storage medium; and 
an updating step for updating the revocation in- 
formation stored in the revocation information 
storage region only when the first judgment is 
affirmative. 

9. The revocation information updating method of 
Claim 8, 

wherein the updating step has information 
corresponding to second identification information 
of an electronic appliance stored in the revocation 
information storage region as new revocation infor- 
mation. 

10. A revocation information updating method in ac- 
cordance with Claim 9, further comprising: 

a mutual authentication step where mutual au- 
thentication is performed between the electron- 
ic appliance and the storage medium and, only 
if the mutual authentication succeeds, a secret 
key that is to be shared by the electronic appli- 
ance and the storage medium is generated, 
wherein the updating step updates the revoca- 
tion information using the secret key generated 
during the mutual authentication step. 

11. A revocation information updating method in ac- 
cordance with Claim 10, 

wherein the updating step includes: 

a transfer substep for encrypting, when the first 
judgment is affirmative, information that corre- 
sponds to the second identification information 
of the electronic appliance using the secret key 
generated during the mutual authentication 
step, and having the encrypted information 
transferred from the electronic appliance to the 
storage medium; and 

a storage substep for decrypting the transferred 
encrypted information using the secret key and 
storing the information in the revocation infor- 
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mation storage region as new revocation infor- 
mation. 

12. A revocation information updating method in ac- 
cordance with Claim 9, s 

wherein the judging step includes a judging 
substep for performing a third judgment as to 
whether the second identification information 
corresponds to the revocation information 10 
stored in the revocation information storage re- 
gion, and 

when the first judgment is affirmative and the 
third judgment is negative, the updating step 
^ has the second identification information stored 15 
in the revocation information storage region as 
new revocation information. 

13. A revocation information updating method in ac- 
cordance with Claim 9, 

wherein the master revocation information stor- 
age region stores, as the master revocation in- 
formation, information produced by encrypting 
a special secret key using identification infor- 
mation of an electronic appliance that is prohib- 
ited from updating the revocation information 
as a key, and 

the judging step transmitting the master revo- 
cation information stored in the master revoca- 
tion information storage region to the electronic 
appliance into which the storage medium has 
been loaded and judging whether the identifi- 
cation information of the electronic appliance 
corresponds to the master revocation informa- 
tion stored in the master revocation information 
restricted region on the storage medium by 
judging whether a response received from the 
electronic appliance exhibits a predetermined 
type of regularity. 

1 4. A revocation information updating apparatus for up- 
dating revocation information on a storage medium, 
the storage medium being used having been loaded 
into an electronic appliance and including (1 ) a con- 
tent storage area for storing a digital content, (2) a 
revocation information storage area for storing, as 
revocation information, information that corre- 
sponds to identification information of an electronic 
appliance that is prohibited from accessing the dig- 
ital content stored in the content storage area, and 
(3) a master revocation information storage area 
storing, as master revocation information, informa- 
tion that corresponds to identification information of 
an electronic appliance that is prohibited from up- 55 
dating the revocation information stored in the rev- 
ocation information storage area, 
the apparatus comprising: 
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a first identification information storage means 
for storing first identification information that 
does not correspond to the master restricted re- 
gion stored in the master revocation informa- 
tion storage region of the storage medium; 
a permission obtaining means forobtaining, us- 
ing information corresponding to the first iden- 
tification information stored in the first identifi- 
cation information storage means, permission 
from the storage medium to update the revoca- 
tion information stored on the storage medium; 
and 

updating means for updating the revocation in- 
formation stored on the storage medium in ac- 
cordance with the permission obtained by the 
permission obtaining means. 

15. A revocation information updating apparatus in ac- 
cordance with Claim 14, 

wherein the updating means updates the rev- 
ocation information using information that is stored 
beforehand and corresponds to second identifica- 
tion information. 

16. A revocation information updating apparatus in ac- 
cordance with Claim 15, further comprising: 

a mutual authentication means for performing 
mutual authentication with the storage medium 
before the permission obtaining means tries to 
obtain permission to update the revocation in- 
formation and, only when the mutual authenti- 
cation has succeeded, generating a secret key 
that can be shared with the storage medium, 
wherein the updating means updates the revo- 
cation information using the secret key gener- 
ated by the mutual authentication means. 
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A revocation information updating apparatus in ac- 
cordance with Claim 16, further comprising: 

wherein the updating means updates the rev- 
ocation information by encrypting new revocation 
information corresponding to the second identifica- 
tion information using the secret key generated by 
the mutual authentication means and has the en- 
crypted information transferred from the electronic 
appliance to the storage medium. 

18. A revocation information updating apparatus in ac- 
cordance with Claim 15, 

wherein the revocation information is sorted in- 
to a plurality of groups and the revocation infor- 
mation storage region includes a plurality of 
storage regions that each store a different 
group, 

the updating means only updating the revoca- 
tion information in a group that corresponds to 
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the second identification information. 

19. A revocation information updating apparatus in ac- 
cordance with Claim 15, 

5 

wherein the master revocation information stor- 
age region stores, as the master revocation in- 
formation, information produced by encrypting 
a: predetermined secret key using identification 
information of an electronic appliance that is 10 
prohibited from updating the revocation infor- 
mation as a secret key, and 
the permission obtaining means obtaining the 
permission by receiving the master revocation 
information sent from the storage medium, de- 15 
crypting the master revocation information us- 
ing the first identification information of the 
electronic appliance, and sending a decrypted 
result and information that exhibits a predeter- 
mined type of regularity to the storage medium. 20 
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